Alternatives and similar repositories for ARDvark

Users that are interested in ARDvark are comparing it to the libraries listed below

• its-a-feature / macos-popups
  Catalog Red Team techniques that cause popups in various macOS versions
  ☆15Updated last year
• WithSecureLabs / macOSTriageCollectionScript
  A triage data collection script for macOS
  ☆28Updated 5 years ago
• ahhh / macOS_profiles
  a collection of profiles for macOS designed for penetration testing or red teaming
  ☆36Updated 6 years ago
• MythicAgents / typhon
  Payload designed for targeting Jamf enrolled devices.
  ☆39Updated 2 years ago
• its-a-feature / macOSCameraCapture
  Simple CLI utility to save off an image from every webcam hooked into a mac
  ☆14Updated 4 years ago
• cedowens / Mythic-Macro-Generator
  Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens
  ☆47Updated 4 years ago
• MythicAgents / orthrus
  Uses Apple's MDM protocol to backdoor a device with a malicious profile.
  ☆56Updated 4 years ago
• antman1p / PrintTCCdb
  JXA script for Mythic that prints the TCC.db
  ☆15Updated 4 years ago
• cedowens / C2_Cradle
  Tool to download, install, and run macOS capable command & control servers (i.e., C2s with macOS payloads/clients) as docker containers f…
  ☆19Updated 4 years ago
• brokensound77 / toruk
  Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data
  ☆13Updated 6 years ago
• ydkhatri / Appx-Analysis
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆18Updated last year
• secgroundzero / ossem_modular
  OSSEM Modular
  ☆27Updated 5 years ago
• mattreduce / eddie
  Eddie Vetter - triage macOS applications for security research
  ☆16Updated 4 years ago
• its-a-feature / loginItemManipulator
  ☆15Updated 4 years ago
• its-a-feature / HealthInspector
  JXA situational awareness helper by simply reading specific files on a filesystem
  ☆81Updated 3 years ago
• antman1p / JXA_Proc_Tree
  A JXA script for enumerating running processes, printed out in a json, parent-child tree.
  ☆13Updated 3 years ago
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆28Updated 6 years ago
• its-a-feature / KeytabParser
  Python script to parse Keytab files for macOS or *nix (typically /etc/krb5.keytab)
  ☆40Updated 6 years ago
• cedowens / Persistent-Swift
  A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/Persist…
  ☆34Updated 4 years ago
• cedowens / JXA-RemoveQuarantine
  JXA script based on research by Jeff Johnson on leveraging TextEdit to remove quarantine attributes on files. Jeff's original research is…
  ☆17Updated 4 years ago
• mcarmanize / esfriend
  A minimal malware analysis sandbox for macOS
  ☆34Updated 2 years ago
• RedSiege / CLM-Base64
  This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode
  ☆27Updated last year
• nccgroup / UninstalledAppCanary
  A Canary which fires when uninstalled
  ☆34Updated 4 years ago
• fastlorenzo / redelk-kibana-app
  Kibana app for RedELK
  ☆18Updated 2 years ago
• cocaman / yara-scan-service
  Repository for scripts and tips for "Yara Scan Service"
  ☆20Updated 2 years ago
• trustedsec / RisingSun
  RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.
  ☆10Updated 4 years ago
• bradleyjkemp / threathunting
  Assorted, MIT licensed, threat hunting rules from @bradleyjkemp
  ☆14Updated 3 years ago
• AtropineTears / TheMacHardeningScripts
  Scripts to secure and harden Mac OS X
  ☆30Updated 4 years ago
• n3l5 / irMempull
  PowerShell Memory Pulling script
  ☆19Updated 10 years ago
• proferosec / Threat-Intelligence
  A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.
  ☆10Updated 6 years ago